[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Recon 2012 - Call For Papers - June 14-16, 2012 - Montreal, Quebec



                      `-,_   `.   \  | |  /   .'    _,-'
           ,,__           `-,_ `.  \ | | /  .'  _,-'          __,,
               ''--..__       `-,_.-"""""-._ ,-'      __..--''
           ...____     ''--..__.'           `.__..--''         ___
                  """"----____/               \____....----""""
                      _________    ___________________  
                      \_   ___ \  /   _____/\______   \ 
                      /    \  \/  \_____  \  |     ___/ 
                      \     \____ /        \ |    |     
                       \______  //_______  / |____|     
                              \/         \/             
              
                             C0UR1ER STR!KE PH0RCE
                               
                                  ..pr3s3ntz..


                                                THG
                                                  -.-

           
                \ /                                          \   /  TRSi    
               --o--           `\\             //'      .____-/.\-____.
             FLT                 \\           //             ~`-'~
                                  \\. __-__ .//                     
                        ___/-_.-.__`/~     ~\'__.-._-\___
 .|.       ___________.'__/__ ~-[ \.\'-----'/./ ]-~ __\__`.___________       .|.
 ~o~~~~~~~--------______-~~~~~-_/_/ |  PWA  | \_\_-~~~~~-______--------~~~~~~~o~
 ' `               + + +  (X)(X)  ~--\__'__/--~  (X)(X)  + + +               ' `
                              (X) `/.\'   `/.\' (X)
                                  "\_/"   "\_/"


                                                                                
   



          
                               ..t4rg3t l0ck3d..


nobody@mail:~$ uname -a
Linux mail.recon.cx 2.6.39-smp #1 SMP Thu May 19 21:31:28 WIT 2011 i686 
nobody@mail:~$ hostname
mail.recon.cx
nobody@mail:~$ pwd
/
nobody@mail:~$ cd /home ; ls -l
total 36
drwxr-xr-x  3 cade     cade     4096 Mar  6  2011 cade
drwxr-xr-x 17 hfortier hfortier 4096 Jan 18 18:21 hfortier
drwxr-xr-x  3 dma      dma      4096 Feb  9  2011 dma
drwxr-xr-x  3 jamie    jamie    4096 Jan 18 23:12 jamie
drwxr-xr-x  4 msf      msf      4096 Aug 25  2010 msf
drwxr-xr-x  4 tina     tina     4096 Jun  6  2011 tina
nobody@mail:/home$ ls -l hfortier
total 12
drwx------  2 hfortier hfortier  4096 Jan  5 cfpsubmission2012
-rw-r--r--  1 hfortier hfortier   884 Jan 15 CFP_2012_v1
nobody@mail:/home$ cat hfortier/CFP_2012_v1

+                    +                     +         +
                               +                  +           +
        +                                             +
                                     \ /
                    +     _        - _+_ -                   ,__
      _=.    .:.         /=\       _|===|_                  ||::|
     |  |    _|.        |   |     | |   | |     __===_  -=- ||::|
     |==|   |  |  __    |.:.|   /\| |:. | |    |   | .|| : |||::|
     |  |-  |.:|_|. :__ |.: |--|==| |  .| |_   | ' |. ||.  |||:.|
   __|. | |_|. | |.|...||---|  |==| |   | | |_--.     ||   |||. |
  |  |  |   |. | | |::.||: .|  |==| | . : |=|===|    :|| . ||| .|
  |:.| .|   |  | | |:.:|| . |  |==| |     |=|===| .   |'   | |  |
  |     |      |   |   |'           :   .   |   ;     ;    '    |
  '     :      `   :   '            .       '  .      .         :
REC0N 2012
MONTREAL
JUNE 14-16

+ RECON returns for 2012

   - Training sessions + conference
   - List of training sessions for Recon 2012:
        - Binary Literacy: Static Reverse Engineering by Rolf Rolles
        - Windows Internals for Reverse Engineers by Alex Ionescu
        - Bug Hunting and Analysis 0x65 by Aaron Portnoy and Zef Cekaj
        - The Exploit Laboratory 3 Day Recon Edition by Saumil Shah and Josh 
Ryder
        - Holistic NFC hacking - emulating the guts out of RFID by Milosch 
Meriac
        - Others to be announced as they are confirmed..

+ We are accepting submissions

   - Single track
   - 45-60 minute presentations, or longer, we are flexible
   - There will be time for short, informal "lightning talks"

+ Especially on these topics

   - Reverse engineering 
      - Software | Protocols | Hardware | Humans 
   - Finding vulnerabilities and writing exploits
   - Novel data visualization for hackers and reverse engineers
   - Bypassing security and software protections
   - Crypto and anonymity
   - Physical security countermeasures
   - Techniques for any of the above on new or interesting architectures
   - Wireless

         ++ Anything else elite ++

+ Please include

   - Speaker name(s) and/or handle
   - Contact information (e-mail and cell phone)
   - Brief biography
   - If available, some pesentation supporting materials 
     (website, code, paper, slides, outline..)
   - And why it is cool, or why you want to present it

+ Get back to us soon

   - First round of CFP to end March 31
   - First speakers/talks to be announced week of April 2
   - CFP closes April 27, 2012, Recon 2012 speakers/talks announced May 5 

   - So please send the above information to:
     cfp2012 (at) recon.cx 

+ Recon registration opens March 5
   - http://recon.cx

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.11 (Darwin)

mQENBE9K0KIBCAD0FeGl+KL9VrqHMU2SNh7MA5RlyJ4Tn4fM3JjEWJh2Hu2NoERs
gF+TrVvxIp8QXN9B9VibfZTY7OzQTZeEwb+u2MqjncIujmj/RIFICGIFNzpCN0mS
6YYnBt+6C2OF47ftyN2+azC3ulsrQJQmsOYVP/iEsB/iuEljB4zoDlg1/dazCS4y
VUvuIvnWXGDmIM/HH79aUStttOVJ99DRCSHuYVctK5wO/YtMOtJPSy06t8L/ufSU
8ze2yOAp4xzyZaKpoefdcTn9poGzCTdUMwAa4LNPOnEbzS8xp3nPtsHxYSiNxYKx
UT1ntOwYArYJqaaFTPQ/oTBwzjRs+zQjhoizABEBAAG0IVJlY29uIENGUCAyMDEy
IDxjZnAyMDEyQHJlY29uLmN4PokBPgQTAQIAKAUCT0rQogIbAwUJAeEzgAYLCQgH
AwIGFQgCCQoLBBYCAwECHgECF4AACgkQyKHCVdp5fZnfNQgArS4mYpZttzUK3asp
ujpgI9rVKCgS9y+suo6ZSs8VGqg/Pw3j4i4WwnMrLJXSkS6hldQQqJelHYwixUws
qqT70fqMfblZrlensP0e+Nd6BwSUxinGEPYil5vNuVdhv5H1OmtDMlU6J6Znwknc
alOC9+Uy5yCx4AKDs/YsJjMHD0uGN7/cXlDsW/fdWXo3GMLxVwq9c3hFdxUTQvI3
7DWuY5qErfkM2mbJWyYb1U0ROgKM/PUR5la9/qYzvrsyME4rCs+6Ym0Iix1rKufi
1J2e46HwWL8BVJQQbKEToSm60bi7+8Cnxoj6g5dqaswdEZr8FFq2RtpCzESbR/nY
R2lUDLkBDQRPStCiAQgAsn4Ve9rjebQBYI0Z4oO/nttOIZsTU74ppl/K61k0KvWW
6dD3ePEPfnoFUq5/4fBUhQW0F56sTDNQmjX/QwnRi9DpaOSEj+Urz1OwSYwEv8bI
HlxJSmIn9IihXq4EL71VfO3dcGsb5On5L5GoVV1uNskL3H0lqHf6u6OMGqL91MEW
TbRz9NuiEubjFwP4w3604pqdErpSAJpVxF/SCTPfVVxzOQrYRV5fAqEA7S/AXBkO
o8WwIcQHx+PRfsIPvVQO6qZt3KY35eeyY26UlWd3ARFn1uxtSJSkUog9/v5w7KGj
gIdMPDv816a6bhMbuFtPwgx+aYHMQso7Rb8HB9VdjwARAQABiQElBBgBAgAPBQJP
StCiAhsMBQkB4TOAAAoJEMihwlXaeX2ZUXEH/0nSlGR+yyojhWab+xAuI2Y3b0nC
H/do5IriVk0+Ft5VvUwDwBAIowl/iORz7Oko5RMeNpyvaZ8tVEigre70MUbWiUk9
QzXiib+vNq6zv+9CIenNYjt4CDUU4J+AxtT0JFgDp4HK3cGk4xiFcI7N8QuajUpf
w1dAlMVhk+fqi+KS97sRh9xBUNW5K/4LT4AhtLGM5cOCbV3anUq2t9u+zDXwLayS
DvEzy3hazliq58J0vRrcoJbhoj/tzsNRoTWEgYxIRNNX9inC9rYVg/RLu5OqxJHa
yitlGtR1RleQk/SYih3mFtFsvKzbMqszfsZ6d7yObh4ll3ltcntZsze0Fa8=
=b/Xc
-----END PGP PUBLIC KEY BLOCK-----


nobody@mail:/home$ ls -l dma
-rw-r--r--  1 dma dma  62231093 Feb  8  2011 recon2010.tgz
-rw-rw-r--  1 dma dma      2298 Jun 13  2011 binmail.sh
drwx------  2 dma dma      4096 Jan 15  2011 logs
-rw-rw-r--  1 dma dma    342432 May 21  2011 lrk.tar.gz
-rw-rw-r--  1 dma dma      3146 Aug 12  2011 Manifesto_theMentor.txt
-rw-rw-r--  1 dma dma     45354 Sep 11  2011 nfsshell.c
-rw-r--r--  1 dma dma  62231093 Feb  8  2011 recon2010.tgz
drwx------  2 dma dma      4096 Mar 11  2011 srctreez
-rw-rw-r--  1 dma dma     20518 Jun 13  2011 strobe.c
-rw-------  1 dma dma  49239142 Oct  8  2009 
stash-of-warez-stolen-from-rejected-bugtraq-posts.tgz.gpg
-rw-------  1 dma dma  84450876 Jan  2  2011 subgraph2011.tgz
-rw-rw-r--  1 dma dma     12544 Jan 11  2011 sunsniffer.c
-rw-rw-r--  1 dma dma    321713 Apr 19  2011 tl110.zip
-rw-rw-r--  1 dma dma     19288 Jan 17  2011 UNIX-Guide_to_being_Sneaky.txt
-rw-rw-r--  1 dma dma     27542 Jan 11  2011 ypx.shar
-rw-rw-r--  1 dma dma      1995 May 21  2011 zap2.c

nobody@mail:/home$ ls -l cade
drwx------  2 cade cade 4096 Jan 18 23:42 pics
nobody@mail:/home$ ls -l cade/pics
-rw-r--r--  1 cade cade    44109 Mar 11 2011 park_squirrel.jpg
-rw-r--r--  1 cade cade    12690 Jun 17 2011 squirrel.jpg
-rw-r--r--  1 cade cade   226207 Jun 18 2011 tdz_beach.jpg
nobody@mail:/home$ ls -l jamie
-rw-r--r--  1 jamie jamie 1244 Jan 18 23:05 shells
nobody@mail:/home$ id
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)

nobody@mail:/home$ /home/hfortier/cfpsubmission2012/poc/linuxkernel0day
sh-3.2# id
uid=0(root) gid=0(root) groups=0(root)

[..] n0w ph0r th3 sp0olz [..]

Return-Path: <hfortier@xxxxxxxx>
X-Original-To: info@xxxxxxxx
Received: from [127.0.0.1] (localhost [127.0.0.1])
        (Authenticated sender: hfortier) by mail.recon.cx (Postfix) 
        with ESMTPSA id 24588D6170
Message-ID: <4F0C8FE0.4000508@xxxxxxxx>
Date: Tue, 10 Jan 2012 14:22:08 -0500
From: Hugo Fortier <hfortier@xxxxxxxx>
User-Agent: Unknown
MIME-Version: 1.0
To: "info@xxxxxxxx" <info@xxxxxxxx>
Subject: Yo
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Who forgot to shut down the VAX VM? 

Return-Path: <jamie@xxxxxxxx>
Delivered-To: xxx@xxxxxxxx
Received: from [127.0.0.1] (localhost [127.0.0.1])
        (Authenticated sender: dma) by mail.recon.cx (Postfix) 
        with ESMTPSA id 15D04D6170
Message-ID: <4F0CA7D9.1090608@xxxxxxxx>
Date: Tue, 10 Jan 2012 16:04:25 -0500
From: Jamie <jamie@xxxxxxxx>
User-Agent: Pine/4.44 (NetBSD)
MIME-Version: 1.0
To: Hugo Fortier <hfortier@xxxxxxxx>
CC: "info@xxxxxxxx" <info@xxxxxxxx>
Subject: Re: Yo
In-Reply-To: <4F0CA313.7080107@xxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

On 12-01-10 2:22 PM, Hugo Fortier wrote:
> Who forgot to shut down the VAX VM? 
>

Uh oh. The process cratered at some point - the pid is still there, it's 
running, and it's got a TCP connection back to mail, but whatever is in memory 
doesn't look like the emulator anymore. Strange, but I doubt someone broke 
through the VM. Must be a ghost in the machine.


Return-Path: <stagami@REDACTED>
X-Original-To: info@xxxxxxxx
Delivered-To: xxx@xxxxxxxx
Received: from xxxx (xxx [x.x.x.x])
        by mail.recon.cx (Postfix) with ESMTPS id 0D26DD6170
        for <info@xxxxxxxx>; Tue, 10 Jan 2012 23:11:03 -0500
Message-ID: <4E0A0AFD.80308FCX1aca.Gnus>
Date: Tue, 10 Jan 2012 23:10:43 -0500
From: Stu Garbinsky 
User-Agent: Gnus/5.110018 (No Gnus v0.18) 
MIME-Version: 1.0
To: "info@xxxxxxxx" <info@xxxxxxxx>
Subject: Available to speak at REcon 
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Hey guys, just thought I'd let you know that I am available to speak at REcon 
if you're interested -- but it will cost you 10k. Sorry, not trying to a jerk, 
I will be walking away from a consulting job and it comes out of my own pocket. 
Mo' money, mo' problems. You know how it is.

Just let me know dudez, peace out.

- Stu 

Return-Path: <dma@xxxxxxxx>
Delivered-To: jamie@xxxxxxxx
Received: from [127.0.0.1] (localhost [127.0.0.1])
        (Authenticated sender: dma) by mail.recon.cx (Postfix) 
        with ESMTPSA id 21D2AF170
Message-ID: <1B0A205A.0432032@xxxxxxxx>
Date: Wed, 11 Jan 2012  3:24:25 -0500
From: David <dma@xxxxxxxx>
User-Agent: Mutt/1.5.4i (OpenBSD 3.2)
MIME-Version: 1.0
To: Jamie <jamie@xxxxxxxx>
CC: "info@xxxxxxxx" <info@xxxxxxxx>
Subject: Re: Re: Yo
In-Reply-To: <4F0CA7D9.1090608@xxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

On 12-01-10 4:04 PM, Jamie wrote:
> > Who forgot to shut down the VAX VM? 
> Uh oh. The process cratered at some point. The process is still running, and 
> it's got a TCP connection back to mail. Strange, but I doubt someone broke 
> through the VM.

Yeah, wasn't that host running telnetd? The original BSD telnetd? Was that 20 
year old bug in it exploitable?

[ 0h kr4p!@# b3tt3r t4k3 h1m 0ut, 0n3 s3c ]

sh-3.2# rm -rf /home/dma^H^H^H^H^H
[ o w8 ]
sh-3.2# cp /home/dma/stash-of-warez-stolen-from-rejected-bugtraq-posts.tgz.gpg 
/tmp/.sneaky/
sh-3.2# rm -rf /home/dma

[ wh3w, th4t w4z kl0se! ]

Return-Path: <noreply@reseausexycelibataires>
Delivered-To: cairnsc@xxxxxxxx
Received: from reseausexy.spam (unknown [x.x.x.x])
        by mail.recon.cx (Postfix) with ESMTP id E9F0ED6183
        for <cairnsc@xxxxxxxx>; Tue, 26 Jan 2012 23:13:16 -0500 
message-id: <x29g7V050A6g4p77F3hGgJc@sexysexy>
Date: Sun, 26 Jan 2012 23:13:24 -0500
From: Reseau Sexy Celibataires
User-Agent: libspammer-1.0
MIME-Version: 1.0
To: Cade Cairns <cairnsc@xxxxxxxx>
Subject: Reseau Sexy Celibataires
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Vous avez recu un clin d'oeil à votre profile.


Reseau Sexy Celibataires du Quebec


+++

Recon 2012.
Jun 14-16.
Montreal.

CFP closes April 27.

Those ascii fighter jets are attributed to unknown. Thanks to whoever drew them.

+++

The rest is silence.

NO CARRIER


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/